90c244948a
- Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`. - Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.
1.4 KiB
1.4 KiB
Risk Profile Schema Guild Charter
Mission
Define and maintain the RiskProfile schema, validation rules, inheritance logic, and integration with Policy Engine and Authority scoping.
Scope
- JSON Schema definition, validators, and code generation for RiskProfile documents.
- Inheritance/merge engine, content hashing, and signature support.
- Policy store integration, scope selectors, and lifecycle management.
- Tooling for Policy Studio and CLI authoring.
Definition of Done
- Schema publishes via
.well-known/risk-profile-schemawith versioning. - Validators catch conflicts and produce actionable errors.
- Inheritance and overrides deterministic with tests and golden fixtures.
Required Reading
docs/modules/policy/architecture.mddocs/modules/platform/architecture-overview.md
Working Agreement
-
- Update task status to
DOING/DONEin both correspoding sprint file/docs/implplan/SPRINT_*.mdand the localTASKS.mdwhen you start or finish work.
- Update task status to
-
- Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
-
- Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
-
- Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
-
- Revert to
TODOif you pause the task without shipping changes; leave notes in commit/PR descriptions for context.
- Revert to